A List Of Notable DDoS Statistics To Understand The Cyber Threat In The Upcoming Years

Barry Elad

Updated · Oct 04, 2023

A List Of Notable DDoS Statistics To Understand The Cyber Threat In The Upcoming Years

DDoS Statistics: Distributed Denial of Service (DDoS) attacks are also known as Distributed Network Attacks. Such attacks can impact firms of any size. DDoS attacks can target and weaken online shopping sites, online casinos, businesses, and hosting platforms that offer online services as well. Experts have said that DDoS attacks can be highly detrimental to a company's brand image in the market and revenue. We have listed some essential DDoS statistics that businesses need to be aware of in the upcoming years and some useful facts about DDoS attacks

Key DDoS Statistics (Editor’s Choice)

  • There have been more than 5.4 million DDoS attacks in the first quarter of 2021.
  • There has been a long-lasting and massive increase in the number of DDoS attacks during the pandemic.
  • Companies end up losing around $20000 to $40000 per hour after being hit by DDoS attacks.
  • More than 12 million DDoS weapons or malicious IP addresses are being used to carry out DDoS attacks across the world.
  • The median size of DDoS attacks was 150 Mbps in the first quarter of 2021.
  • The DDoS attack on Yandex in September 2021 was the biggest DDoS attack in history.
  • Russia and Ukraine have been most affected by the new emerging Ransom DDoS attack.
  • Broadcast media firms in Ukraine have been the biggest targets of DDoS attacks in the second quarter of 2022.
  • Banking, Financial Services, and Insurance (BFSI) have been the most affected industries by such attacks in Russia.
  • The cryptocurrency industry in Russia has been the second most affected industry by DDoS attacks.

Important DDoS Attacks And Trends

#1. The mean size of DDoS attacks was 150 Mbps in the first quarter of 2021

There was a slight reduction in the average size of DDoS attacks with 150 Mbps in the first quarter of 2021 as compared to 315 Mbps in the fourth quarter of 2020.

#2. A company loses around $20000 to $40000 per hour on average after a DDoS attack

This figure can increase up to $ 50,000 at times, which is the average income of a US citizen.

#3. The biggest DDoS attack in history on Yandex occurred in September 2021

Yandex confirmed a DDoS attack of around 22 million requests per second in September 2021.

#4. The most extended DDoS attack in 2021 continued for 776 days

In the second quarter of 2021, the world witnessed a DDoS attack that lasted for over a month nearly 32 days.

#5. Most DDoS attacks in the third quarter of 2020 lasted for less than 240 minutes, which is nearly 4 hours

Although there are many long-duration DDoS attacks, the majority of them last for only a few hours. However, such attacks are still five times the number of ultra-long DDoS attacks that last for more than 140 hours.

#6. Continent 8 Technologies was able to avert a record of 641 DDoS attacks

From October to December 2021, Continent 8 technologies were able to prevent a large number of DDoS attacks. It shows that there was an increase in the number of DDoS attacks in the fourth quarter of 2021 as compared to the third quarter of the year when only 546 DDoS attacks happened.

#7. As per DDoS statistics for 2022, the US has faced the most DDoS attacks on its resources

Around 25 percent of targets of DDoS attacks have been located in the US. The country accounts for 45.95 percent of all DDoS attacks in the second quarter of 2022.

#8. UDP Flood type DDoS attacks led to 62.53 percent of DDoS attacks

It is a type of DDoS attack where cyber criminals overpower random ports of the targeted host with IP packets that contain UDP datagrams.

#9. There were around 78558 DDoS attacks have been reported in the second quarter of 2022.

#10. Ultra-short DDoS attacks have accounted for 95.42 percent of the total number of DDoS attacks.

#11. Shorter attacks of over 4 hours have accounted for 74.12 percent of the total number of DDoS attacks.

Ransom DDoS attack Statistics

#12. Ransom DDoS attacks targeted at VoIP providers have been rampant in the US, Canada, and the UK

Companies based in the US, Canada, and the UK that provide VoIP services have been affected by ransom DDoS attacks in the third quarter of 2021.

#13. The year 2021 was one of the break-out years for DDoS attacks

The frequency of DDoS attacks was much higher in 2021 as compared to the previous year. There had been a flood of ultra-short DDoS attacks that lasted for less than four hours on average. Studies show that most attacks were shorter than one hour in duration. However, it reaffirms the need for automated always-on DDoS mitigation strategies.

#14. In June 2022, ransom DDoS attacks have reached their peak of the year so far

As per DDoS statistics, one out of every five respondents included in a survey has said that they have been subjected to a ransom DDoS attack or other cyber threats.

#15. In the second quarter of 2022, the rate of ransom DDoS attacks has shot up by 11 percent quarter-over-quarter

The majority of ransom DDoS attacks have been launched by a group known as Fancy Lazarus claiming to be an ‘Advanced Persistent Threat' (APT).

ransom-ddos-attacks-threats-by-quarter
(Source: cloudflare.com)

Application-Layer DDoS Attack Statistics

#16. Application-layer DDoS attacks have seen a 72 percent year-over-year increase

Application-layer DDoS attacks or HTTP DDoS attacks aim to shatter a web server by making it incapable of processing legitimate user requests. Companies based in the US have been most affected by such kinds of attacks.

#17. The Aviation and Aerospace industry has been most affected by application-layer DDoS attacks in the second quarter of 2022

The Aviation and Aerospace industry has seen a 493 percent quarter-over-quarter increase in the number of such attacks.

application-layer-ddos-attacks-distribution-by-industry
(Source: cloudflare.com)

#18. Companies based in the US have seen a 57 percent quarter-over-quarter increase in the number of HTTP DDoS attacks

It shows that the US is the major target of HTTP DDoS attacks.

#19. Application-layer DDoS attacks originating from the US have reduced by 43 percent in the second quarter of 2022.

#20. There has been an 8 percent reduction in the number of application-layer DDoS attacks sourced from China.

#21. Such attacks originating from India have increased by 87 percent.

#22. There has been a 33 percent and a 67 percent reduction in the numbers of such attacks originating from Germany and Brazil respectively.

DDoS Statistics by Industry-Wise Growth Rate

Shares of attacks by industry

  • Finance: 34%
  • E-commerce: 22% share
  • Telecommunications: 16%
  • Entertainment: 12%
  • Transportation: 7%
  • Education: 5%
  • Insurance: 3%
  • Others: 1%

(Source: storm wall. network)

The highest-ever risky industry observed during the study of DDoS attack Statistics was the finance industry resulting in 34%, other industries tailing are eCommerce (22%) and Telecommunications (16%).

DDoS Attack by Country

(Source: storm wall. network)

As of Q1 of 2023, the United States of America, India, and China were the top three ranked countries with the highest number of shares in DDoS attacks. Each country respectively suffered through 17.6%, 14.2%, and 11.7% attacks. Turkey was considered the safest in all of the above countries with only 1.4% of the total share in attacks.

DDoS Attacks by Protocol

(Source: storm wall. network)

The most targeted transport layer in Q1 of 2023 was HTTP/HTTPS with 82.3% of attacks.  DNS was considered with least targeted layer.

Network-Layer DDoS Attack Statistics

#23. In the second quarter of 2022, network-layer DDoS attacks have seen a 109 percent year-over-year increase

Network-layer attacks target the network infrastructure such as servers in-line routers and the internet link. Network-layer DDoS attacks of 100 Gbps and larger have seen an 8 percent quarter-over-quarter increase.

network-layers-ddos-attacks-quarterly-distribution-by-month

(Source: cloudflare.com)

#24. Firms based in the US have been highly impacted by network-layer DDoS attacks

Companies based in China, Singapore, and Germany as well have been seriously affected by such attacks.

#25. The Telecommunication industry, Gaming or Gambling industry, IT industry, and Service industry have been most affected by network-layer DDoS attacks

The telecommunication industry has been the most affected by network-layer attacks with a 66 percent quarter-over-quarter increase.

network-layer-ddos-attacks-distribution-of-bytes-by-industry
(Source: cloudflare.com)

#26. In the second quarter of 2022, network-layer attacks on the US networks have shot up by 95 percent quarter-over-quarter

After the United States, China, Singapore, and Germany have been the most attacked countries.

#27. DNS attack is the second most common attack vector

An attack vector is a term used to define a technique that is utilized by cybercriminals to launch their DDoS attacks such as IP protocol, packet attributes like TCP flags, flooding method, and other standards.

#28. As per the DDoS statistics, SYN Flood is the most popular attack vector

In the second quarter of 2022, nearly 53 percent of total network-layer attacks have been led by SYN Flood-type attack vectors.

#29. Attacks over CHARGEN, Memcached, and Ubiquiti have been the top emerging threats in the second quarter of 2022.

In the second quarter of 2022, attacks targeting the CHARGEN protocol have shot up by 377 percent quarter-over-quarter.

network-layer-ddos-attacks-distribution-by-top-emerging-threats
(Source: cloudflare.com)

#30. In the same period, Memcached DDoS attacks have seen a 287 percent quarter-over-quarter increase.

#31. Attacks targeting Ubiquiti Discovery Protocol as well have gone up by 327 percent quarter-over-quarter.

#32. Network-layer attacks lasting for more than three hours have shot up by 12 percent quarter-over-quarter.

network-layer-ddos-attacks-qoq-change-in-duration
(Source: cloudflare.com)

#33. Almost a third of the network-layer attack traffic has been seen in Palestine.

#34. The majority of network-layer DDoS attacks have been below 500 Mbps in the second quarter of 2022.

network-layer-ddos-attacks-distribution-by-bit-rate
(Source: cloudflare.com)

#35. Most network-layer DDoS attacks have remained under 50,000 packets per second.

network-layer-ddos-attacks-distribution-by-packet-rate
(Source: cloudflare.com)

DDoS Attacks On Other Devices

#36. As per the latest DDoS statistics, nearly 80 percent of banking apps and mobile eCommerce apps are susceptible to DDoS attacks

Apps usually are more vulnerable to such attacks as compared to websites. Hence, companies should regularly perform security tests on their apps to prevent such attacks.

#37. DDoS attacks account for 14 percent of hacking attacks and data breaches on cloud services

The DDoS attack is one of the major security threats to cloud computing.

#38. AWS shield standard identifies and reduces more than 99 percent of infrastructure layer attacks in fewer than 1 second

Amazon uses the AWS shield standard to protect its largest server network from DDoS attacks.

Impressive DDoS Statistics And Trends

#39. In the fourth quarter of 2021, the manufacturing industry was the most targeted industry

It indicates a 641 percent increase in the number of attacks on this industry.

#40. Global DDoS Protection and Mitigation market size is expected to reach $6.7 billion by 2026

It shows an annual growth rate of 15.1 percent.

#41. DDoS and DoS attacks are the most regular types of cyber attacks

Apart from DDoS and DoS attacks, MitM (Man-in-the-middle), phishing, spear-phishing, drive-by attacks, and password attacks as well are some common types of cyber attacks.

#42. In 2021, the Asia-Pacific Region was the top target for DDoS attacks

Around 33 percent of DDoS attacks were targeted in Taiwan, while 46 percent of DDoS attacks were targeted in the Asia-Pacific Region.

#43. HULK was the most popular DDoS attack tool in 2020

HTTP Unbearable Load King (HULK) is a DDoS attack tool that comes with the ability to bypass the cache engine and create unique obscure traffic. It can produce a massive volume of traffic on the web server.

#44. Most botnet attacks took place in the first quarter of 2021

A botnet is defined as a network of PCs that are infected with malevolent software that can be controlled as a group without the owners.

#45. Large firms lose around $417000 due to DoS attacks.

#46. Nearly 7 percent of DDoS attacks on trades last more than a week.

#47. Around 12 percent of businesses believe that their rivals start DDoS attacks on them.

#48. Most DDoS attacks result in a massive service breakdown.

#49. Around 20 percent of mid-sized firms having more than 50 employees have said that they have suffered at least one DDoS attack.

#50. WordPress susceptibilities resulted in a DDoS attack that affected nearly 18 million users in 2014.

#51. Cloudflare's multiple-layer defense system can help prevent a DDoS attack.

#52. F5 Networks also offers 24/7 customer support for DDoS attack alleviation.

Conclusion

Over the years, it has become much easier for cyber criminals to launch DDoS attacks. These DDoS statistics show that the security of network infrastructure against cyber criminals is extremely vital. Distributed Denial of Service (DDoS) attacks overwhelm the resources of the affected network.  A monitoring method is crucial for identifying malicious attacks against cyber systems. DDoS attacks are evolving every day, and that is the reason it has become essential for businesses to opt for effective DDoS mitigation strategies rather than depending on traditional anti-DDoS software and tools that are no longer potent to offer enough protection against such attacks.

  • Statistics
  • FAQ.

    How many DDoS attacks take place on a regular basis?

    After merging direct attacks with reflection attacks, experts have found that around 28700 distinct DDoS attacks take place every day.

    What is the most effective DDoS method?

    Experts say that DNS Flood is one of the most famous DDoS attacks. It is one of the strongest DDoS attacks to identify and stop.

    How long an average DDoS attack lasts?

    A DDoS attack lasts for less than four hours. However, experts say that the majority of such attacks last for less than an hour in duration.

    What is the most common class of DoS attacks?

    Buffer overflow attacks are considered the most common class of DoS attacks. It is designed to send more traffic to a network address as compared to what programmers have designed the system to manage.

    How can DDoS attacks be prevented?

    Businesses can opt for firewalls and intrusion detection systems that work as traffic-scanning barricades between networks. Anti-malware and anti-virus software as well can prevent DDoS attacks.

    Barry Elad
    Barry Elad

    Barry is a lover of everything technology. Figuring out how the software works and creating content to shed more light on the value it offers users is his favorite pastime. When not evaluating apps or programs, he's busy trying out new healthy recipes, doing yoga, meditating, or taking nature walks with his little one.

    Read next